Secure Coding in Java
Graded: Secure Coding in Java
1 Question
Week 2
Ideation
2 videos
Video: The Interaction Design Specialization
20 m
Video: Introducing Elizabeth Gerber
40 m
Graded: Secure Coding in Java
1 Question
Top

Secure Coding in Java

AppSec 102 - Secure Coding in Java

About this course

Java Secure Coding Training

a
Instructor:Fabio Cerullo
Next Scheduled Course:
TBC Live Online €700 (1 day)

 

 

Java is used to develop full featured and very powerful corporate applications. Many of these applications do allow access to critical and confidential resources and this has made them popular targets for attack. To minimise the likelihood of security vulnerabilities caused by programmer error, Java developers must understand and adhere to best practices.

About this course

Objectives

This course aims to provide the knowledge and resources required to evaluate the security of Java applications. The participants, through the understanding of theory and practical exercises carried out by them, will be able to identify critical vulnerabilities in web applications and implement the necessary corrective measures.

It is recommended that participants on the Web Application Secure Coding in Java have completed the Web Application Security Training course. Please see “Related Training”.

Overview

The course is aligned with the OWASP Top 10, a world-renowned reference document which describes the most critical web application security flaws.

The topics covered include:

• General Web Application Security Concepts
• Java Security Features
• Identify security vulnerabilities in code (OWASP Top 10, SANS 25)
• Implement Security Controls
• Authentication
• Session Management
• Access control
• Input validation
• Output encoding/escaping
• Cryptography
• Error handling and logging
• Data Protection
• HTTP security
• Incorporate security into the development process

Format: The course combines theory and hands-on practical exercises. The participants learn to identify vulnerabilities in a dummy Java web application purpose-built and containing the bugs and coding errors they have learned about. This provides an ideal ‘real-life’ opportunity to exploit these vulnerabilities using different open source tools and techniques in a safe environment.

Duration: 1 day (8 hours)

Attendee Profile

The course is designed for:

• Software Developers
• Quality Assurance professionals
• System Architects
• Information Security Professionals

Materials
  • Printed materials
  • Virtual image containing all tools used
  • Certificate of Participation (CPE Points)
Related Training
  • The Web Application Secure Coding in NET course is designed to instruct participants on best practices in secure coding using the .Net Framework.
  • The ISC2 Certified Secure Software Lifecycle Professional (CSSLP) course is designed for professionals who demonstrate a globally recognised level of competence, as defined in a common body of knowledge, by assuring security throughout the software lifecycle. They incorporate security when planning, designing, developing, acquiring, testing, deploying, maintaining, and/or managing software to increase its trustworthiness. Learn more about our CSSLP training 
  • The Web Application Security Essentials course is a comprehensive and strategic overview of web application security and does not focus on a specific programming language, although some knowledge of JavaScript, basic SQL and the HTTP protocol is recommended. Learn more about our Web Application Security Training
  • The Threat Modeling course provides attendees with the knowledge to identify applicable threats, quantify them, and address the risk with effective countermeasures to mitigate any attack – at the design stage of the SDL. Learn more about our Threat Modeling training
  • The Secure Coding for PCI DSS course provides attendees specific knowledge and skills to apply the secure coding and application security standards needed for PCI DSS–relevant applications that process card payments and/or cardholder data. Learn more about our Secure Coding for PCI DSS training

Course Curriculum

Graded: Secure Coding in Java
1 Question
Week 2
Ideation

Our course begins with the first step for generating great user experiences: understanding what people do, think, say, and feel. In this module, you’ll learn how to keep an open mind while learning.

2 videos
Video: The Interaction Design Specialization
20 m
Video: Introducing Elizabeth Gerber
40 m
Graded: Secure Coding in Java
1 Question